cloudwatchlogs-relay

command module

v0.2.0 Latest Latest Go to latest Published: Feb 19, 2020 License: MIT Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/doist/cloudwatchlogs-relay

Links

Open Source Insights

README ¶

Program cloudwatchlogs-relay listens for rsyslogd messages over unix socket
and sends messages to CloudWatch logs.

To send all logged messages on a host to CloudWatch Logs, configure rsyslogd
by creating file /etc/rsyslog.d/cloudwatch.conf with the following content:

    $ModLoad omuxsock
    $OMUxSockSocket /var/run/cloudwatch
    *.* :omuxsock:

Restart rsyslogd, and run this program like this:

    cloudwatchlogs-relay -socket=/var/run/cloudwatch \
        -group=/groupname/rsyslogd \
        -stream='instance/${INSTANCE_ID}'

This will create log group "/groupname/rsyslogd", and inside it a log stream
"instance/${INSTANCE_ID}", where ${INSTANCE_ID} would be replaced with EC2
instance ID. Supported placeholders for replacement are: ${HOSTNAME},
${INSTANCE_ID}, ${RANDOM} — for instance ID, hostname, and random string. Be
careful to make sure placeholders are not expanded by the shell (use single
quotes).

Program requires the following IAM permissions:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "logs:CreateLogGroup",
                    "logs:CreateLogStream",
                    "logs:PutLogEvents"
                ],
                "Resource": "*"
            }
        ]
    }

Note that while program tries to remove socket on clean shutdown, it is
still possible that leftover socket file may be left, preventing new
instance from starting.

It relies on AWS SDK and expects to find credentials/region settings in
usual places (IAM role, environment, configuration files).

Documentation ¶

Overview ¶

Program cloudwatchlogs-relay listens for rsyslogd messages over unix socket and sends messages to CloudWatch logs.

To send all logged messages on a host to CloudWatch Logs, configure rsyslogd by creating file /etc/rsyslog.d/cloudwatch.conf with the following content:

$ModLoad omuxsock
$OMUxSockSocket /var/run/cloudwatch
*.* :omuxsock:

Restart rsyslogd, and run this program like this:

cloudwatchlogs-relay -socket=/var/run/cloudwatch \
    -group=/groupname/rsyslogd \
    -stream='instance/${INSTANCE_ID}'

This will create log group "/groupname/rsyslogd", and inside it a log stream "instance/${INSTANCE_ID}", where ${INSTANCE_ID} would be replaced with EC2 instance ID. Supported placeholders for replacement are: ${HOSTNAME}, ${INSTANCE_ID}, ${RANDOM} — for instance ID, hostname, and random string. Be careful to make sure placeholders are not expanded by the shell (use single quotes).

Program requires the following IAM permissions:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Resource": "*"
        }
    ]
}

Note that while program tries to remove socket on clean shutdown, it is still possible that leftover socket file may be left, preventing new instance from starting.

It relies on AWS SDK and expects to find credentials/region settings in usual places (IAM role, environment, configuration files).

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL